top of page

Kafico LTD Privacy Policy

Kafico Ltd takes your privacy very seriously.

We are registered with the Information Commissioner as a Data Controller and our registration number is ZA422651.

If you have any questions or wish to make a request in relation to your information, please contact the Director on emma.cooper@kafico.co.uk.

Kafico Ltd acts as an independent provider of Data Protection Officer services to various customers. Some of which are healthcare providers such as GP practices.

We do not transfer any personal data outside of the UK.

How Does Kafico Collect My Information?

We will collect information about you, either directly – when you contact us with data protection concerns or queries, or indirectly – when one of our customers passes your details to us so that we can provide you with advice and support.

Where possible we will ask our customers to redact your personal information, where it is not necessary for us to deliver our services.

There may be occasions when we will need to have information about you in order to properly respond to the query.

The information we collect will be stored on computer and electronic systems.

The information includes Personal Data;

  • Basic details about you, such as name, nature of your query and email address

as well as Sensitive Personal Data, (where it is provided by you directly);

  • Information that you provide about your health and any disabilities in relation to your data protection queries

  • Information about your home life such as marital status, sexual life in relation to your data protection queries

  • Where practices use our Managed Disclosure Service, we will have access to the full health record for patients including any digital records. We will only access these records in relation to a request that has been made to the practice (solicitors, army recruitment, gun licence, for example).

 

Kafico Ltd are permitted to collect, store, use and share this information, where necessary, under the General Data Protection Regulations 2016 and Data Protection Act 2018;

  • When our customer provides us with your information processing is necessary for the purposes of the legitimate interests pursued by the controller or third party. 

  • When you contact us directly and provide information, The data subject (you) have provided their explicit consent

How Does Kafico Use My Information?

Kafico Ltd will use your information in the following ways;

 

The public / patients;

 

  • To provide you with support and guidance with respect to data protection law

  • To respond to your requests to exercise your information rights

  • To support our customers to give effect to your information rights

  • To respond to queries via the website

  • Where practices use our Managed Disclosure Service, we will have access to the full health record for patients including any digital records. We will use these records to authenticate identity for the request, identify and redact any items that need to be withheld, collate and send the records securely to the requestor

 

Our customers

 

  • To provide you with support and guidance with respect to data protection law

  • To maintain logs such as training figures

  • To maintain a list of contact information (where you have not objected)

 

To undertake some of these activities, your information will be shared internally across our teams. We will work to ensure that only the right people have your information and that they are only given the information they need.

Who Does Kafico Share My Information With?

Kafico Ltd works hard to ensure that only the right people have your information and that they are only given the information they need.  

 

Kafico Ltd uses other companies to help us deliver some of our services such as;

 

  • Shared Network Drive (Microsoft 365)

  • Website provider (Wix)

  • Accounting software (Quickbooks)

  • Email provider (Microsoft or NHS Mail)

  • Pension provider (NEST)

  • Recruitment portal provider (Indeed)

  • Accountant (Direct Accountants UK)

  • Telecommunications (Webex)

 

Personal data will never be made available to organisations not related directly to our identified uses without letting you know and giving you a chance to object.

 

Where practices use our Managed Disclosure Service, we will share records with the requestor (police, solicitors, army recruitment, firearms licence issuers, DVLA etc) but only insofar as it is lawful and appropriate to do so.

 

We have contracts in place with these organisations that prevent them from using it in any other way that how we tell them to. These contracts also require them to maintain good standards of security to ensure your confidentiality.

Will Kafico Ever Share My Information Without Asking Me?

Sometimes we will be required by law to share your information and will not always be able to discuss this with you directly.

 

Examples are;

  • Sharing with the police or tax authorities for the detection or prevention of crime

  • Where it is in the wider public interest – to keep the public safe for example

  • To safeguard children or vulnerable adults

  • Because the court has told us we must share.

  • Where practices use our Managed Disclosure Service, we will share records with the requestor (police, solicitors, army recruitment, firearms licence issuers, DVLA etc) but only insofar as it is lawful and appropriate to do so.

 

What Are My Information Rights?

Data protection law provides you with a number of rights that Kafico Ltd is committed to supporting you with;

 

Right to Access

You have the right to obtain:

  • confirmation that your information is being used, stored or shared by Kafico Ltd

  • a copy of information held about you

 

If you only require a particular part of your record, tell us,and this can reduce the time it takes

to provide it.

We will respond to your request within one month of receipt or will tell you when it might take longer.

We are required to validate your identity including the identity of someone making a request on your behalf

Right to Object or Withdraw Consent

We collect, use, store and share your information because we are permitted to by law; in order to respond to your queries or provide data protection support to our customers, but you do have a right to object to us doing this.

 

When we collect, use, store or share your information based on your consent, you have a right to withdraw that consent at any time.

Our Data Protection Officer will be happy to speak with you about any concerns you have.

 

Right to Correction

If information about you is incorrect, you are entitled to request that we correct it.

There may be occasions, where we are required by law to maintain the original information – our Data Protection Officer will talk to you about this and you may request that the information is not used during this time.

We will respond to your request within one month of receipt or will tell you when it might take longer.

 

 

Right to Portability

You can ask us to send your information to another organisation on your behalf if you wish.

 

Complaints

You also have the right to make complaints and request investigations into the way your information is used. Please contact our Data Protection Officer or visit the link below for more information.

 

For more detailed information on your rights visit https://ico.org.uk/for-the-public/.

Does Kafico Use Profiling or Automated Decision Making?

No; Kafico Ltd does not undertake automatic profiling or automated decision making in relation to your information.

Our Data Protection Officer will be happy to speak to you about this if you have concerns.

How Does Kafico Protect My Information?

Kafico Ltd are committed to ensuring the security and confidentiality of your information. There are a number of ways we do this;

 

  • Staff receive regular training about protecting and using personal data

  • Policies are in place for staff to follow and are regularly reviewed

  • We check that only the minimum amount of data is shared or accessed

  • We use controlled access to systems, this helps to ensure that the right people are accessing data – people with a ‘need to know’

  • We use encrypted emails and storage which would make it difficult for someone to ‘intercept’ your information

  • We report and manage incidents to make sure we learn from them and improve

  • We put in place contracts that require providers and suppliers to protect your data as well

How Long Does Kafico Store My Information?

The public / patients

 

Data Protection Queries made by members of the public are retained for 3 years to allow us to respond to any follow up queries. However, once the initial query or request is resolved, we will make a summary of the outcome, remove identifiers and keep in a de-identified form until it is time to be destroyed.


Where we have downloaded copies of medical records in relation to our Managed Disclosure Service, we will retain the records for 3 months and then they are completely deleted. We will keep emails that relate to the review and processing of the request (but not the health records) for 3 years following the disclosure of the records.


Our customers

Kafico will retain / store your information for the duration of your contact with us and for 3 years following termination of contract. This helps support us should there be any matters arising.

What About Cookies or Information Submitted via This Website?

Kafico only use cookies that support the provision of this website and allow us to see how our site is performing (what you have clicked on for example) and do not share information with any third party for direct marketing purposes.

If you contact us via this website, we will provide you with information about how it will be used, stored and shared once we have identified the nature of your request. 

What About Marketing Emails and Blog Updates?

Where we think they would be of interest, we will send you occasional emails about products and services that we offer.

 

If we email individuals using their personal data, this will only happen if you have signed up for these communications or if we have an existing relationship with you and feel that you would be interested and expect us to keep you updated.

You can unsubscribe to these emails at any time by clicking the link within the emails. 

 

Changes to this Notice

Where we make material changes to our processing activities, we will contact relevant stakeholders as appropriate.

 

Notice updates
05/06/25 - Formatting improvements

30/07/23 – Updated to include the “Changes to this Notice” section

 

For any questions, please contact our Data Protection Officer on info@kafico.co.uk

Cookie Policy

Effective Date: 28-Oct-2024
Last Updated: 28-Oct-2024

What are cookies?

This Cookie Policy explains what cookies are and how we use them, the types of cookies we use i.e, the information we collect using cookies and how that information is used, and how to manage the cookie settings.

Cookies are small text files that are used to store small pieces of information. They are stored on your device when the website is loaded on your browser. These cookies help us make the website function properly, make it more secure, provide better user experience, and understand how the website performs and to analyze what works and where it needs improvement.

How do we use cookies?

As most of the online services, our website uses first-party and third-party cookies for several purposes. First-party cookies are mostly necessary for the website to function the right way, and they do not collect any of your personally identifiable data.

The third-party cookies used on our website are mainly for understanding how the website performs, how you interact with our website, keeping our services secure, providing advertisements that are relevant to you, and all in all providing you with a better and improved user experience and help speed up your future interactions with our website.

Types of Cookies we use

Necessary

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.​​​​​​​

Website cookie table listing cookie name, purpose, duration, and type for compliance transparency

Functional

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

Cookie policy table showing tracking, marketing, and necessary cookies used on the Kafico website

Performance

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

Data protection cookie table displaying categories, lifespans, and purposes of cookies for GDPR compliance

Others

Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.

Visual table explaining how cookies are used on the site, including analytics, preferences, and session cookies
Manage cookie preferences

Cookie Settings

You can change your cookie preferences any time by clicking the "Cookie settings" button in the bottom left of your browser window. This will let you revisit the cookie consent banner and change your preferences or withdraw your consent right away.

In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. Listed below are the links to the support documents on how to manage and delete cookies from the major web browsers.

 

If you are using any other web browser, please visit your browser’s official support documents.

bottom of page